Dynamic digital consent

ABSTRACT

A method for enhancing customer authentication and consent for finalizing an offer to a customer of a product and/or a service is provided. The method may include using a first receiver to receive an authentication request from an initiator. The authentication request may include a customer name and a customer phone number. The method may also include using a first processor to generate a pin number and transmit the pin number to the customer phone number. The pin number may include an identifier associated with the product and/or service. The method may further include using a second receiver, included in a mobile phone, to receive the pin number, and using a second processor, included on the mobile phone, to authenticate the pin number. The authentication may include verifying a match between the customer phone number and a mobile phone number associated with the mobile phone.

FIELD OF TECHNOLOGY

Aspects of the invention relate to enhancing customer authenticationsystems and methods. Specifically, the invention relates to enhancingcustomer authentication using data and applications stored on acustomer's mobile phone.

BACKGROUND

Many products and services require authenticating a customer's identity.Robust customer authentication is important for security purposes and toensure that the proper individual is receiving the product and/orservice. Many of these products and services also require the customerto consent to terms and conditions prior to the customer receiving theproduct and/or service. These requirements may be administrativerequirements or requirements of the product/service provider.

Authenticating a customer's identity can be difficult and cumbersome.Additionally, it can be difficult for a sales representative to rememberto obtain the appropriate customer consent. Furthermore, even whenconsent is obtained, a record of the consent can sometimes be lost.Failure to properly authenticate a customer and/or obtain or record theappropriate consent can expose the product/service provider toregulatory, or other, penalties.

Today, many people carry a mobile phone with them throughout the day.Most mobile phones have internet connection and support a plurality offunctionalities. Additionally, many people's mobile phones store a largeamount of personal data relating to their users, such as user location,motion, pictures, documents, etc.

It would be desirable, therefore, to provide systems and methods forusing data and functionalities stored on a customer's mobile phone toassist a product/service provider in authenticating the customer'sidentity. This is desirable at least because mobile phone data canpotentially include a wealth of customer-specific data and, in theseinstances, assist the provider in establishing robust customerauthentication protocols.

It would be further desirable to use a customer's mobile phone to obtainconsent to terms and conditions of the product/service. This isdesirable at least because digital transmission and receipt of customerconsent can be easily tracked and saved, creating robust digital recordsof compliance with any applicable administrative and/or regulatoryrequirements.

BRIEF DESCRIPTION OF THE DRAWINGS

The objects and advantages of the invention will be apparent uponconsideration of the following detailed description, taken inconjunction with the accompanying drawings, in which like referencecharacters refer to like parts throughout, and in which:

FIG. 1 shows an illustrative method in accordance with principles of theinvention;

FIG. 2 shows illustrative system architecture in accordance withprinciples of the invention;

FIG. 3 shows illustrative apparatus in accordance with principles of theinvention; and

FIG. 4 shows illustrative apparatus in accordance with principles of theinvention.

DETAILED DESCRIPTION

Aspects of the invention relate to enhancing customer authentication andconsent for finalizing an offer to a customer. The offer may be aproduct. The offer may be a service. The offer may be a product and/or aservice. The product/service may be offered by a business, agovernmental body, an educational institution, a financial institution,a regulatory agency, or any other suitable organization or vendor.Exemplary products/services may include credit cards, bank accounts,veteran's benefits, food stops and/or airport security checks.

The method may include using a first receiver to receive anauthentication request from an initiator. An authentication request maybe a request to verify that the customer applying for theproduct/service has provided true and accurate identifying information,such as his name, address, etc.

The method may include using a first receiver to receive a consentrequest from an initiator. A consent request may be a request toelectronically transmit to the customer terms and/or conditions. Theterms/conditions may be terms and conditions that the customer isrequired to consent to prior to being offered, or receiving, theproduct/service. The terms/conditions may be a business regulation,regulatory requirement, legal requirement, or any other requirement.

The method may include using the first receiver to receive both anauthentication request and a consent request from the initiator.

The initiator may transmit the request to the first receiver during anonboarding process executed by the initiator prior to offering thecustomer the product/service. The initiator may transmit the request tothe first receiver prior to beginning an application process for thecustomer. The initiator may transmit the authentication request to thefirst receiver after extending an offer to the customer pending thecustomer's authorization using the systems and methods of the invention.

The authentication request may include a customer name. Theauthentication request may include an identifier. The identifier may beassociated with the product/service that the initiator is consideringoffering the customer.

The authentication request may include a customer phone number. Thecustomer phone number may be a phone number provided by the customer tothe initiator. The customer phone number may be a customer phone numberelectronically associated with the customer in a customer onlineprofile, in a governmental database, in business records, or any othersuitable location.

The consent request may include the customer name and/or the customerphone number. The consent request may include the identifier.

The method may include using a first processor to generate a pin numberin response to the received authentication and/or consent request. Thepin number may be a one-time pin (“OTP”). For the purposes of theapplication, a OTP may be a pin created for a customer to use once. Themethod may also include using a transmitter to transmit the pin numberto the customer phone number. The pin number may be transmitted to thecustomer phone number by text, e-mail, phone call or any other suitablemethod.

The first receiver, the first processor and the first transmitter may beincluded in a PIN generation engine. The pin number generated by the PINgeneration engine may include the identifier.

The method may include a mobile phone. The mobile phone may include asecond receiver and a second processor.

The method may include using the second receiver to receive the pinnumber. The pin number may be received by the mobile phone via text,e-mail, a phone call, or any other suitable method.

The pin number may be input, by the customer, into the mobile phone. Thepin number may be input into a webpage displayed by a screen included inthe mobile phone. The pin number may be input into an applicationresident on the mobile phone.

The method may include using the second processor to authenticate thepin number. The authentication may include verifying a match between thecustomer phone number and a mobile phone number associated with themobile phone. The authentication may include establishing that the pinnumber was input into the mobile phone within a predetermined timeperiod. The predetermined time period may commence when the firsttransmitter transmits the pin number to the mobile phone, and terminateafter a predetermined length of time thereafter.

The method may include using the second processor to retrieve, from adatabase, a first authentication method, a second authentication method,and a consent text. The method may include using the second processor toretrieve, from a database, a first authentication method and a secondauthentication method. The first authentication method, the secondauthentication method and the consent text may each be associated withthe identifier.

The database may store a plurality of identifiers. Each identifier maybe associated with one, two, three or more authentication methods. Eachauthentication method may include one, two, three or more authenticationprocedures. A first identifier and a second identifier may each beassociated with the same authentication methods. A first identifier anda second identifier may each be associated with different authenticationmethods.

The first authentication method may include one, two, three, four ormore authentication procedures. Exemplary authentication procedures mayinclude a biometric scan, a match between data submitted by the customerand data stored on the customer's cell phone, a match between datasubmitted by the customer and data stored on one or more of thecustomer's online profiles, and any other suitable authenticationprocedure. The first authentication method may include a firstauthentication threshold. The first authentication threshold may definehow the customer must satisfy each of the authentication procedures inorder to be determined to be authenticated by the first authenticationmethod.

The second authentication method may include one, two, three, four ormore authentication procedures. Exemplary authentication procedures mayinclude a biometric scan, a match between data submitted by the customerand data stored on the customer's cell phone, a match between datasubmitted by the customer and data stored on one or more of thecustomer's online profiles, and any other suitable authenticationprocedure. The second authentication method may include a secondauthentication threshold. The second authentication threshold may definehow the customer must satisfy each of the authentication procedures inorder to be determined to be authenticated by the second authenticationmethod.

In some embodiments, the first authentication method may include abiometric scan. The second authentication method may not include thebiometric scan. In some of these embodiments, the second authenticationthreshold may be higher than the first authentication threshold. Forexample, the second authentication threshold may include additionalauthentication procedures, a higher match between submitted customerdata and customer data stored on the mobile phone, the customer's onlineprofiles, or in any other location.

The method may include displaying, to the customer, the consent text.The method may include using the second receiver to receive a firstcustomer selection evidencing the customer's agreement to terms andconditions included in the consent text.

The method may include using the second receiver to receive a secondcustomer selection of one of the first authentication method and thesecond authentication method. The method may include using the secondprocessor to authenticate the customer based on the selected one of thefirst second authentication methods.

Upon authentication of the customer via the selected authenticationmethod, the method may include transmitting to the initiator a messagestating that the customer's identity has been authenticated and/or thathis consent to terms and conditions associated with the product/servicehas been received. The initiator may store the message in a database.The database may be used to keep records of the customers consent and/orauthentication.

The method may include, when the second processor determines that thecustomer has satisfied the first threshold, using a second transmitterto transmit an electronic offer to the customer. The electronic offermay provide the customer an option to enroll in the product and/orservice.

The method may include, when the second processor determines that thecustomer has satisfied the second threshold, using a transmitter totransmit an electronic offer to the customer. The electronic offer mayprovide the customer an option to enroll in the product and/or service.

The method may include maintaining a database. The database may be inelectronic connection with the website or application running on themobile phone. The database may store a plurality of plurality ofidentifiers. Each identifier may be associated with one of a pluralityof products and/or services. The method may also include associatingeach of the identifiers with one or more authentication methods and oneor more consent texts.

In exemplary embodiments, the first authentication threshold may includeestablishing a match between stored customer data and customer dataresident on the mobile phone and establishing a match between storedcustomer biometric data and biometric data generated by the biometricscan.

In exemplary embodiments, the method may include when the secondreceiver receives a second customer selection of the firstauthentication method, using the second processor to determine that thecustomer has satisfied the first threshold. Satisfying the firstthreshold may include using the second processor to establish a matchbetween the stored customer data and the customer data resident on themobile phone. Satisfying the first threshold may include using thesecond processor to establish the match between the stored customerbiometric data and the generated biometric data.

In exemplary embodiments, the second authentication threshold mayinclude establishing a match between stored customer data and customerdata resident on the mobile phone.

In exemplary embodiments, when the second receiver receives a secondcustomer selection of the second authentication method, the method mayinclude the second processor to determine that the customer hassatisfied the second threshold. Satisfying the second threshold mayinclude using the second processor to establish a match between thestored customer data and the customer data resident on the mobile phone.Satisfying the second threshold may include using the second processorto establish a match between a phone number stored on a website profileassociated with the customer and the customer phone number. Satisfyingthe second threshold may include using the second processor to establisha match between historical customer location data stored on the mobilephone and a customer address.

In some embodiments, the pin number generated by the PIN generationengine may not be a one-time pin. Instead, the pin number may be used bythe customer two, three or more times, during a predetermined timeperiod. The time period may be one day, two days, a week, two weeks,three weeks, one month, or any other suitable time period.

In some of these embodiments, a customer may input the pin number intohis mobile phone and execute a customer selection indicating his consentto terms and conditions associated with a product/service. The customermay then long out of the application/website.

The method may include the application/website transmitting anelectronic message to the identifier to confirm that the customer hasconsented to the terms and conditions. The consent data may be storedand archived in a database. The consent data may be associated with one,two, or all of the customer's name, mobile phone number and pin number.

The customer may, at a later point in time, re-input the pin number intothe application/website, and select and execute an authenticationmethod. At that later point in time, the application/website maydetermine whether or not the time period has lapsed. If the time perioddid not lapse, the application/website may begin the selectedauthentication process. If the time period did lapse, theapplication/website may not begin the authentication process. A messagemay be displayed to the customer, informing the customer of therequirement to contact the initiator again to re-start the applicationprocess for the product/service.

In the event that the time period did not lapse, the application/websitemay initiate and complete a selected authentication process. Uponcompletion of the authentication process, the application may transmit amessage to the initiator that the authentication has been completed. Themethod may include associating the authentication with the consent. Theauthentication may be associated with the consent using the stored pinnumber, customer name and/or mobile phone number. The method may includeoffering the customer the product/service after the customer hassatisfied the consent and authentication requirements.

In some embodiments, when the customer consents to the terms andconditions and subsequently logs out of the application/website, theapplication/website may gather a first set of metadata associated withthe customer's mobile phone. For example, the application/website maydetermine how many contacts the mobile phone has, the data usage of thephone, applications run on the phone, the type of mobile phone that thecustomer has, etc. The application/website may transmit the first set ofmetadata data to the initiator together with data confirming that thecustomer has consented to the terms and conditions.

At a later point in time, when the customer re-enters his pin numberinto the application/website and the application/website authenticateshis identity, the application/website may gather a second set ofmetadata associated with the customer's mobile phone. The second set ofmetadata may include metadata detailed above. The application/websitemay transmit the second set of metadata to the identifier, in additionto a confirmation that the customer has been authenticated.

The method may include comparing the first set of metadata to the secondset of metadata. In the event that the first set of metadata differsfrom the second set of metadata by a predetermined amount, theauthentication/confirmation process may be terminated. The initiator maybe required to re-start the authentication/confirmation procedure asdetailed herein.

Apparatus and methods described herein are illustrative. Apparatus andmethods in accordance with this disclosure will now be described inconnection with the figures, which form a part hereof. The figures showillustrative features of apparatus and method steps in accordance withthe principles of this disclosure. It is to be understood that otherembodiments may be utilized and that structural, functional andprocedural modifications may be made without departing from the scopeand spirit of the present disclosure.

The steps of the methods may be performed in an order other than theorder shown and/or described herein. Embodiments may omit steps shownand/or described in connection with illustrative methods. Embodimentsmay include steps that are neither shown nor described in connectionwith illustrative methods.

Illustrative method steps may be combined. For example, an illustrativemethod may include steps shown in connection with another illustrativemethod or another method described herein.

Apparatus may omit features shown and/or described in connection withillustrative apparatus. Embodiments may include features that areneither shown nor described in connection with the illustrativeapparatus. Features of illustrative apparatus may be combined. Forexample, an illustrative embodiment may include features shown inconnection with another illustrative embodiment.

FIG. 1 shows an illustrative method 100 in accordance with theinvention. Method 100 may include one, two or more of steps 1-9. Method100 may include one, two or more steps not shown in FIG. 1 but describedherein.

At step 101, method 100 may include receiving an authentication requestincluding a customer name and a phone number. At step 103, the methodmay include generating a pin number. The pin number may include anidentifier associated with a product/service. The method may include, atstep 105, transmitting the pin number to the customer phone number.

The method may include, at step 107, receiving the pin number. At step109, the method may include verifying a match between the customer phonenumber and a mobile phone number associated with a mobile phone. Themobile phone may be the mobile phone that received the pin number.

The method may include, at step 111, retrieving, from a database, afirst authentication method, a second authentication method and aconsent text. The retrieved data may be associated with the identifier.

The method may include, at step 113, receiving a first customerselection. The first customer selection may evidence the customer'sagreement to terms and conditions included in the consent text.

At step 115, the method may include receiving a second customerselection of one of the first authentication method and the secondauthentication method. The method may include, at step 117,authenticating the customer based on the selected one of the first orsecond authentication methods.

FIG. 2 shows an illustrative system architecture in accordance with theinvention. The system architecture may include initiator 201, PINgeneration engine 203, mobile phone 205, and customer 207.

Initiator 201 may use an electronic device, such as a computer, tablet,cell phone, or any other suitable device to electronically communicatewith PIN generation engine 203. Initiator 201 may transmit to PINgeneration engine 203 a request to generate a pin number for customer207. The request may include an identifier. The identifier may identifythe product/service that initiator 201 is contemplating offering tocustomer 207.

PIN generation engine 203 may be in electronic communication with mobilephone 205. PIN generation engine 203 may transmit to mobile phone 205 apin number generated in response to initiator 201's request. PINgeneration engine 203 may transmit the pin number to mobile phone 205using text messaging, e-mail, a posting on a social media page ofcustomer 207, or using any other suitable transmission mechanism.

Mobile phone 205 may receive the pin number from PIN generation engine203. Customer 207 may receive data from, and input data into, mobilephone 205. Customer 207 may view the pin number, and input into awebsite or application the pin number.

The website or application may authenticate the pin number and, afterauthentication, display a webpage to the customer one or both of a firstand second authentication method and/or consent text.

When the customer has successfully passed the first or secondauthentication threshold, the website or application may transmit toinitiator 201 a message confirming the authentication of customer 207.When the customer fails to pass the first or second authenticationthreshold, the website or application may transmit to initiator 201 amessage indicating that customer 207 failed to pass the first or secondauthentication threshold.

FIG. 3 is a block diagram that illustrates computing device 301(alternately referred to herein as a “server”) that may be used toexecute one or more processes and methods in accordance withillustrative embodiments of the invention. Specifically, initiator 201,pin generation engine 203 and mobile phone 205 may include one or morehardware components of computing device 301.

The computer server 301 may have a processor 303 for controlling overalloperation of the server and its associated components, including RAM305, ROM 307, input/output module 309, and memory 315.

Input/output (“I/O”) module 309 may include a microphone, keypad, touchscreen, and/or stylus through which a user of server 301 may provideinput, and may also include one or more of a speaker for providing audiooutput and a video display device for providing textual, audiovisualand/or graphical output. Software may be stored within memory 315 and/orstorage to provide instructions to processor 304 for enabling server 301to perform various functions. For example, memory 315 may store softwareused by server 301, such as an operating system 317, applicationprograms 319, and an associated database 311. Alternately, some or allof server 301 computer executable instructions may be embodied inhardware or firmware (not shown). Database 311 may provide storage forthe GUI. Database 311 may provide storage for the CAD. For example,database 311 may store information input into the GUI. Database 311 mayprovide storage for the CMT while the CMT is monitoring and recordinguser transactions.

Server 301 may operate in a networked environment supporting connectionsto one or more remote computers, such as terminals 341 and 351.Terminals 341 and 351 may be personal computers or servers that includemany or all of the elements described above relative to server 301. Thenetwork connections depicted in FIG. 3 include a local area network(LAN) 325 and a wide area network (WAN) 329, but may also include othernetworks. When used in a LAN networking environment, computer 301 isconnected to LAN 325 through a network interface or adapter 313. Whenused in a WAN networking environment, server 301 may include a modem 327or other means for establishing communications over WAN 329, such asInternet 331. It will be appreciated that the network connections shownare illustrative and other means of establishing a communications linkbetween the computers may be used. The existence of any of variouswell-known protocols such as TCP/IP, Ethernet, FTP, HTTP and the like ispresumed, and the system can be operated in a client-serverconfiguration to permit a user to retrieve web pages or screens via theWorld Wide Web from a web-based server. Any of various conventional webbrowsers can be used to display and manipulate data on web pages.

Additionally, application program 319, which may be used by server 301,may include computer executable instructions for invoking userfunctionality related to communication, such as email, short messageservice (SMS), and voice input and speech recognition applications.

Computing device 301 and/or terminals 341 or 351 may also be mobileterminals including various other components, such as a battery,speaker, and antennas (not shown).

A terminal such as 341 or 351 may be used by a user of the GUI to accessand input information into the GUI, including information for creatingone or more user groups, security groups, traversing rules, associatingone or more user groups with one or more security groups and/orassociating one or more traversing rules with one or more user groups,security groups or users. Information input into the GUI may be storedin memory 315. The input information may be processed by an applicationsuch as one of applications 319.

FIG. 4 shows an illustrative apparatus that may be configured inaccordance with the principles of the invention. FIG. 4 showsillustrative apparatus 400. Initiator 201, pin generation engine 203 andmobile phone 205 may include one or more hardware components ofapparatus 400 shown in FIG. 4.

Apparatus 400 may be a computing machine. Apparatus 400 may be includedin apparatus shown in FIG. 3. Apparatus 400 may include chip module 402,which may include one or more integrated circuits, and which may includelogic configured to perform any other suitable logical operations.

Apparatus 400 may include one or more of the following components: I/Ocircuitry 404, which may include the transmitter device and the receiverdevice and may interface with fiber optic cable, coaxial cable,telephone lines, wireless devices, PHY layer hardware, a keypad/displaycontrol device or any other suitable encoded media or devices;peripheral devices 406, which may include counter timers, real-timetimers, power-on reset generators or any other suitable peripheraldevices; logical processing device (“processor”) 408, which may computedata structural information, structural parameters of the data, quantifyindicies; and machine-readable memory 410.

Machine-readable memory 410 may be configured to store inmachine-readable data structures information such as user groups,security groups, traversing rules, associations between user groups andsecurity groups, associations between one or more traversing rules andone or more user groups, security groups and/or users, and any othersuitable information or data structures.

Components 402, 404, 406, 408 and 410 may be coupled together by asystem bus or other interconnections 412 and may be present on one ormore circuit boards such as 420. In some embodiments, the components maybe integrated into a single silicon-based chip.

It will be appreciated that software components including programs anddata may, if desired, be implemented in ROM (read only memory) form,including CD-ROMs, EPROMs and EEPROMs, or may be stored in any othersuitable computer-readable medium such as but not limited to discs ofvarious kinds, cards of various kinds and RAMs. Components describedherein as software may, alternatively and/or additionally, beimplemented wholly or partly in hardware, if desired, using conventionaltechniques.

Various signals representing information described herein may betransferred between a source and a destination in the form ofelectromagnetic waves traveling through signal-conducting encoded mediasuch as metal wires, optical fibers, and/or wireless transmissionencoded media (e.g., air and/or space).

Apparatus 400 may operate in a networked environment supportingconnections to one or more remote computers via a local area network(LAN), a wide area network (WAN), or other suitable networks. When usedin a LAN networking environment, apparatus 400 may be connected to theLAN through a network interface or adapter in I/O circuitry 404. Whenused in a WAN networking environment, apparatus 400 may include a modemor other means for establishing communications over the WAN. It will beappreciated that the network connections shown are illustrative andother means of establishing a communications link between the computersmay be used. The existence of any of various well-known protocols suchas TCP/IP, Ethernet, FTP, HTTP and the like is presumed, and the systemmay be operated in a client-server configuration to permit a user tooperate processor 408, for example over the Internet.

Apparatus 400 may be included in numerous general purpose or specialpurpose computing system environments or configurations. Examples ofwell-known computing systems, environments, and/or configurations thatmay be suitable for use with the invention include, but are not limitedto, personal computers, server computers, hand-held or laptop devices,mobile phones and/or other personal digital assistants (“PDAs”),multiprocessor systems, microprocessor-based systems, tablets,programmable consumer electronics, network PCs, minicomputers, mainframecomputers, distributed computing environments that include any of theabove systems or devices, and the like.

Thus, methods and apparatus for enhancing customer authentication andconsent have been provided. Persons skilled in the art will appreciatethat the present invention can be practiced by other than the describedembodiments, which are presented for purposes of illustration ratherthan of limitation. The present invention is limited only by the claimsthat follow.

What is claimed is:
 1. A method for enhancing customer authenticationand consent for finalizing an offer to a customer of a product and/orservice, the method comprising: using a first receiver to receive anauthentication request from an initiator, the authentication requestincluding a customer name and a customer phone number; using a firstprocessor to generate a pin number and transmit the pin number to thecustomer phone number, wherein the pin number includes an identifierassociated with the product and/or service; using a second receiver,included in a mobile phone, to receive the pin number; using a secondprocessor, included on the mobile phone, to authenticate the pin number,the authentication including verifying a match between the customerphone number and a mobile phone number associated with the mobile phone;using the second processor to retrieve, from a database, a firstauthentication method, a second authentication method, and a consenttext, wherein: the first authentication method, the secondauthentication method and the consent text are each associated with theidentifier; the first authentication method includes a firstauthentication threshold and a biometric scan; and the secondauthentication method includes a second authentication threshold, thesecond authentication threshold being higher than the firstauthentication, the second authentication method not including thebiometric scan; using the second receiver to receive a first customerselection evidencing the customer's agreement to terms and conditionsincluded in the consent text; using the second receiver to receive asecond customer selection of one of the first authentication method andthe second authentication method; and using the second processor toauthenticate the customer based on the selected one of the first secondauthentication methods.
 2. The method of claim 1 further comprisingstoring, in the database, a plurality of identifiers, each identifierbeing associated with one of a plurality of products and/or services. 3.The method of claim 2 further comprising associating each of theidentifiers with one or more authentication methods and one or moreconsent texts.
 4. The method of claim 1 wherein the first authenticationthreshold includes establishing a match between stored customer data andcustomer data resident on the mobile phone and establishing a matchbetween stored customer biometric data and biometric data generated bythe biometric scan.
 5. The method of claim 4 further comprising, whenthe second receiver receives a second customer selection of the firstauthentication method, using the second processor to determine that thecustomer has satisfied the first threshold, wherein satisfying the firstthreshold includes: using the second processor to establish a matchbetween the stored customer data and the customer data resident on themobile phone; and using the second processor to establish the matchbetween the stored customer biometric data and the generated biometricdata.
 6. The method of claim 5 further comprising, when the secondprocessor determines that the customer has satisfied the firstthreshold, using a transmitter to transmit an electronic offer to thecustomer, the electronic offer providing the customer an option toenroll in the product and/or service.
 7. The method of claim 4 whereinusing the second processor to authenticate the pin number furthercomprises determining if the pin was received by the second receiverwithin a predetermined time period, the predetermined time periodcommencing after the transmission of the pin number to the customerphone number.
 8. The method of claim 1 wherein the second authenticationthreshold includes establishing a match between stored customer data andcustomer data resident on the mobile phone.
 9. The method of claim 8further comprising, when the second receiver receives a second customerselection of the second authentication method, using the secondprocessor to determine that the customer has satisfied the secondthreshold, wherein satisfying the second threshold includes: using thesecond processor to establish a match between the stored customer dataand the customer data resident on the mobile phone; using the secondprocessor to establish a match between a phone number stored on awebsite profile associated with the customer and the customer phonenumber; and using the second processor to establish a match betweenhistorical customer location data stored on the mobile phone and acustomer address.
 10. The method of claim 9 further comprising, when thesecond processor determines that the customer has satisfied the secondthreshold, using a transmitter to transmit an electronic offer to thecustomer, the electronic offer providing the customer an option toenroll in the product and/or service.
 11. A system comprising: a PINgeneration engine for: receiving an authentication request from aninitiator, the authentication request including a customer name and acustomer phone number; and generating a pin number and transmit the pinnumber to a customer phone number, wherein the pin number includes anidentifier associated with the product and/or service; a mobile phonefor receiving the pin number; and and an online application supported bythe mobile phone and configured to: authenticate the pin number, theauthentication including verifying a match between the customer phonenumber and a mobile phone number associated with the mobile phone;retrieve, from a database, a first authentication method, a secondauthentication method, and a consent text, wherein: the firstauthentication method, the second authentication method and the consenttext are each associated with the identifier; the first authenticationmethod includes a first authentication threshold and a biometric scan;and the second authentication method includes a second authenticationthreshold, the second authentication threshold being higher than thefirst authentication, the second authentication method not including thebiometric scan; use the second receiver to receive a first customerselection evidencing the customer's agreement to terms and conditionsincluded in the consent text; use the second receiver to receive asecond customer selection of one of the first authentication method andthe second authentication method; and use the second processor toauthenticate the customer based on the selected one of the first secondauthentication methods.
 12. The method of claim 11 wherein the onlineapplication is further configured to store, in the database, a pluralityof identifiers, each identifier being associated with one of a pluralityof products and/or services.
 13. The system of claim 12 wherein theonline application is further configured to associate each of theidentifiers with one or more authentication systems and one or moreconsent texts.
 14. The system of claim 11 wherein the firstauthentication threshold includes establishing a match between storedcustomer data and customer data resident on the mobile phone andestablishing a match between stored customer biometric data andbiometric data generated by the biometric scan.
 15. The system of claim14 wherein, when the online application receives a second customerselection of the first authentication system, the online application isfurther configured to determine whether the customer has satisfied thefirst threshold, the satisfying the first threshold including: comparingthe stored customer data and the customer data resident on the mobilephone; and comparing the stored customer biometric data and thegenerated biometric data.
 16. The system of claim 15 wherein, when theonline application has determined that the customer has satisfied thefirst threshold, the online application is configured to transmit anelectronic offer to the customer, the electronic offer providing thecustomer an option to enroll in the product and/or service.
 17. Thesystem of claim 14 wherein the authentication of the pin number includesdetermining if the pin was received by the online application within apredetermined time period, the predetermined time period commencingafter the transmission of the pin number to the customer phone number.18. The system of claim 11 wherein the second authentication thresholdincludes establishing a match between stored customer data and customerdata resident on the mobile phone.
 19. The system of claim 18 wherein,when the online application receives a second customer selection of thesecond authentication system, the online application is furtherconfigured to determine whether the customer has satisfied the secondthreshold, the satisfying the second threshold including: establishing amatch between the stored customer data and the customer data resident onthe mobile phone; establishing a match between a phone number stored ona website profile associated with the customer and the customer phonenumber; and establishing a match between historical customer locationdata stored on the mobile phone and a customer address.
 20. The systemof claim 19 wherein, when the online application has determined that thecustomer has satisfied the second threshold, the online application isconfigured to transmit an electronic offer to the customer, theelectronic offer providing the customer an option to enroll in theproduct and/or service.